What the Titanic Teaches Techies

Sunday, April 15, 2012

Allan Pratt, MBA

5e402abc3fedaf8927900f014ccc031f

I read a recent post from Forbes entitled, “Titanic’s Seven Lessons for Fast-Moving Firms” by Stephen Wunker.

While all seven were important lessons, two stood out as critical lessons for all technology experts – and especially for those of us who live and breathe in the infosecurity arena.

The first lesson was: “Have a warning system.” Ask yourself, how many times have you heard fellow employees talking about disaster recovery policies and procedures? Too often, people talk about the need for these policies and procedures.

But how many companies take the time to study their environments – both physical and technological – then write policies, and lastly and most importantly, train employees on their roles if and when disaster strikes?

Sure, the Titanic was the quintessential example of an entity without a warning system, but your company doesn’t need to follow in these tragic footsteps.

Take the time now, rather than when it’s too late and something happens (for example, data loss, data theft, office fire, etc.) to gather your leadership team, learn who has access to what data throughout the organization, and then, write everything down.

How will the company survive if and when business needs to be conducted off-site? What equipment will function from off-site? Do members of the leadership team have tablets and other tools to continue running the business for an unknown amount of time? Who will be responsible for dealing with concerned customers? Who will deal with the media?

These questions are just the tip of the iceberg – but your team must be prepared.

The second lesson was: “Have clear decision-making in a crisis.” Again, if and when a disaster strikes, who will be in charge? A president or CEO may be out of town or unreachable, so there must be a clear chain of command for every situation.

Remember, if the President of the USA is unable to lead, there is a defined chain of command, so if a chain of command is good enough for the USA, one should exist for your company.

What needs must be met in the event of a crisis? How will your leadership team communicate with employees and customers? How will employees communicate with each other? What projects can be put on hold, and which projects take priority?

No one wants to think that disaster will strike, but it’s better to have policies in place and not need them – because you never know when you may encounter an iceberg, or whatever might be worse in your specific industry.

Read the full article on the Forbes website: http://www.forbes.com/sites/stephenwunker/2012/04/13/titanics-seven-lessons-for-fast-moving-firms/


Allan Pratt, an infosec consultant, represents the alignment of marketing, management, and technology. With an MBA Degree and four CompTIA certs in hardware, software, networking, and security, Allan translates tech issues into everyday language that is easily understandable by all business units. Expertise includes installation and maintenance of hardware, software, peripherals, printers, and wireless networking; development and implementation of integration and security plans; project management; and development of technical marketing and web strategies in the IT industry. Follow Allan on Twitter (http://www.twitter.com/Tips4Tech) and on Facebook (http://www.facebook.com/Tips4Tech).

Cross-Posted from Tips4Tech

Possibly Related Articles:
9316
Policy
Information Security
Enterprise Security Security Strategies Incident Response Training Leadership Infosec Resilience Policies and Procedures IT Security
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.